From ef3ea4ff0503d6366f55a05811c17ff3f7c861bf Mon Sep 17 00:00:00 2001 From: cat-passwd Date: Mon, 16 Jun 2025 15:46:39 +0000 Subject: [PATCH] Update 05-content-security-policy.md Remove lines 46 and 47. Implements #115 --- .../01-implementation-dos-donts/05-content-security-policy.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/en/12-appendices/01-implementation-dos-donts/05-content-security-policy.md b/docs/en/12-appendices/01-implementation-dos-donts/05-content-security-policy.md index bb536bdd..89e61314 100644 --- a/docs/en/12-appendices/01-implementation-dos-donts/05-content-security-policy.md +++ b/docs/en/12-appendices/01-implementation-dos-donts/05-content-security-policy.md @@ -43,8 +43,6 @@ For web applications, the source of all content is set to self. - `default-src` 'self' - `script-src` 'self'; -- `script-src` `unsafe-inline` `unsafe-eval` https:; (I am fairly sure this is used to block unsafe inline scripts - and `eval` but to be checked) - Have checked now and `unsafe-inline` should not be used - `connect-src` 'self'; - `img-src` 'self'; - `style-src` 'self'
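Review bot: the two removed `script-src` lines in the `@@ -43,8 +43,6 @@` hunk also carried the only statement that `unsafe-inline` should not be used, so deleting them outright drops that guidance from a dos-and-don'ts page. Consider replacing them with an explicit don't entry for `unsafe-inline` in `script-src`, and settle whether the same applies to `unsafe-eval`, which the removed note left as "to be checked". In the context lines that remain, `default-src` 'self' has no trailing semicolon while the `script-src`, `connect-src` and `img-src` entries do; adding it in this change would keep the list consistent for a reader assembling the policy from it. The commit message identifies the change only by position ("Remove lines 46 and 47"); naming the removed directive would stay meaningful after the file shifts.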